Fortnite Flaw Put Millions of Players at Risk, Researchers Say
- Flaw led to potential for fraud, privacy invasion: Check Point
- Epic Games says Fortnite vulnerabilities have been addressed
A flaw in Epic Games Inc.’s Fortnite put the accounts of millions of users at risk of malicious attack, researchers from Check Point Software Technologies Ltd. said in a report Wednesday.
The vulnerability in the authentication process allowed hackers to send a link to the player that, once clicked, gave access to the user account where attackers could buy virtual currency and purchase game equipment that could then be transferred to a separate account and resold. The hacker also could gain access to conversations held by the player and his friends, which could be used to exploit the account owner, often children under 18.
”We were made aware of the vulnerabilities and they were soon addressed,” an emailed statement from Epic Games said. ”We encourage players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others.” It was unclear whether the vulnerability discovered by Check Point was ever exploited.